Unlock instant, AI-driven research and patent intelligence for your innovation.

Router DoS (denial of service) attack protecting function testing method and system

A protection function and router technology, applied in the field of network communication, can solve the problems of inaccurate test router DoS attack protection function and weak test method universality, etc., and achieve the effect of strong universality and strong universality.

Inactive Publication Date: 2017-12-26
PHICOMM (SHANGHAI) CO LTD
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The technical problem to be solved by the present invention is that the test router DoS attack protection function in the prior art is not precise enough and the universality of the test method is not strong

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Router DoS (denial of service) attack protecting function testing method and system
  • Router DoS (denial of service) attack protecting function testing method and system
  • Router DoS (denial of service) attack protecting function testing method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] This embodiment provides a method for testing the DoS attack protection function of a router, the flow chart of which is as follows figure 1 As shown, the details are as follows:

[0054] Step S101, sending a DoS attack packet to the router.

[0055] Common DoS attacks include three types: TCP SYN Flood attack, UDP flood attack, and ICMP Flood attack.

[0056] The above three DoS attacks correspond to three attack packets: TCP SYN packets, UDP packets, and ICMP request packets.

[0057] Generally, routers have protection functions against these three kinds of DoS attacks; in this step, the purpose of sending DoS attack packets to routers is to test the DoS attack protection functions of routers.

[0058] Step S102, adjusting the packet sending rate of DoS attack packets, so that the packet sending rate is greater than the DoS attack detection threshold of the router.

[0059] To protect against DoS attacks, the router sets a DoS attack detection threshold. When the ...

Embodiment 2

[0072] This embodiment provides a method for testing the DoS attack protection function of a router, the flow chart of which is as follows figure 2 As shown, the details are as follows:

[0073] Step S201, generating a TCP SYN packet.

[0074] Specifically, a TCP SYN packet is generated on the external network host.

[0075] Step S202, using a packet sending tool to send a TCP SYN packet to the WAN port of the router.

[0076] Send a TCP SYN packet to the WAN port of the router through a packet sending tool. The purpose of this step is to simulate a DoS attack, specifically, to simulate a TCP SYN Flood attack.

[0077] Step S203, adjusting the packet sending rate of DoS attack packets, so that the packet sending rate is greater than the DoS attack detection threshold of the router.

[0078] Specifically, the sending rate of the TCP SYN packet is adjusted so that it exceeds the TCP SYN packet detection threshold set in the router.

[0079] Step S204, receiving a response ...

Embodiment 3

[0086] This embodiment provides a method for testing the DoS attack protection function of a router, the flow chart of which is as follows image 3 As shown, the details are as follows:

[0087] Step S301, generating a UDP packet.

[0088] Specifically, a UDP packet is generated on the external network host.

[0089] Step S302, using a packet sending tool to send a UDP packet to the WAN port of the router.

[0090] Send a UDP packet to the WAN port of the router through a packet sending tool. The purpose of this step is to simulate a DoS attack, specifically, a UDP flood attack.

[0091] Step S303, adjusting the packet sending rate of the DoS attack packet, so that the packet sending rate is greater than the DoS attack detection threshold of the router.

[0092] Specifically, the sending rate of UDP packets is adjusted so that it exceeds the UDP packet detection threshold set in the router.

[0093] Step S304, receiving a response packet of the DoS attack packet.

[0094...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a router DoS attack protecting function testing method and system and relates to the technical field of routers. The method comprises sending DoS attack packets to a router; adjusting the sending speed of the DoS attack packets to be higher than a DoS attack detecting threshold; receiving response packets of the DoS attack packets; according to the speed of receiving the response packets and the DoS attack detecting threshold, determining whether DoS attack protection of the router is effective. The router DoS attack protecting function testing method is high in universality and accurate and reliable in testing results.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a method and system for testing the DoS attack protection function of a router. Background technique [0002] DoS is the abbreviation of Denial of Service, that is, denial of service. Attacks that cause DoS are called DoS attacks. DoS attack is a simple, effective and very harmful attack method. It aims to make the target computer or network unable to provide normal services by deliberately attacking the defects of the network protocol or directly exhausting the resources of the attacked object through brutal means. Service or resource access that causes the target system to stop responding or even crash. The common sources of DoS attacks on routers come from the WAN side. One is to send large-flow flood data to the router WAN port, such as UDP Flood and ICMP Flood attacks, causing the router to be exhausted in a short period of time and fail to respond normally. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
CPCH04L43/103H04L43/16H04L63/1408H04L63/1458H04L2463/142
Inventor 刘博
Owner PHICOMM (SHANGHAI) CO LTD